Emergent Threat Response
Want to stay ahead of emerging threats? Here’s how.
A key question security organizations should ask themselves with regard to emerging threats: Are the systems we have logging the correct information?
Automating the Cloud: AWS Security Done Efficiently
Today, we are going to be installing software on all your existing EC2 instances across several (or all!) accounts under an organization in AWS.
SIEM Delivery Models: Where Do Today’s Risks and Future Technology Lead Us?
Recently, we partnered with Ultimate IT Security to discuss the current and future state of SIEM technology, and how it’s evolving to address current risks.
Rolling with Your Logs, Part 3: Using Regex to Expand Your Search Options
In this final installment of our Log Search series, we’ll look at some simple regular expressions that will greatly expand your Log Search options.
Rolling with Your Logs, Part 2: Advanced Mode Searches
In the Part 2 of this three-part series on InsightIDR Log Search, we will cover three concepts: parsed logs, groupby function, and log search operations.
Rolling with Your Logs, Part 1: Your Guide to Log Search in InsightIDR
In the first installment of this series, we'll cover the three most important basics of log search, then run through a few common Simple Mode searches.
Taking a Message-Based Approach to Logging
When you think about it, a log entry is really nothing more than a message that
describes an event. As such, taking a message-based approach to logging by
utilizing messaging technologies makes sense. Messaging creates the loose
coupling that allows a logging system to be adaptable to the needs at hand and
extensible over time.
Understanding a Standard Logging Architecture
Typically, logging is implemented in an application using a logger
6 Best Practices for Effective IT Troubleshooting
System monitoring and troubleshooting
be a time-consuming and frustrating activity. It’s not unusual for IT folks to
spend hours finding and fixing a problem that could have been resolved in 10
minutes had better troubleshooting tools and processes been in place.
Improving IT troubleshooting and monitoring doesn’t need to be an expensive
undertaking. Many times it’s just a matter of implementing a few company-wide
3 Steps to Building an Effective Log Management Policy
You’re on Call Duty. You’re awoken in the middle of the night by your cell phone
in the throes of an SMS frenzy. You’re getting hundreds of messages from your
company’s logging service: a record is being written to a database, code is
being executed, a new container is being spun up, and on and on. None of these
messages matter to you. You just turn off your phone and go back to sleep.
The next day you go into the office only to find out that half the racks in your
datacenter went offline durin
5 Ways to Use Log Data to Analyze System Performance
Analyzing System Performance Using Log Data
Recently we examined some of the most common behaviors that our community of
25,000 users looked for in their logs, with a particular focus on web server
logs. In fact, our research identified the top 15 web server tags and alerts
created by our customers—you can read more about these in our
https://logentries.com/doc/community-insights/ section—and you can also easily
create tags or alerts based on the patterns to identify these behaviors in your
What is Syslog?
This post has been written by Dr. Miao Wang, a Post-Doctoral Researcher at the
Performance Engineering Lab at University College Dublin.
This post is the first in a multi-part series of posts on the many options for
collecting and forwarding log data from different platforms and the pros and
cons of each. In this first post we will focus on Syslog, and will provide
background on the Syslog protocol.
What is Syslog?
Syslog has been around for a number of decades and provides a protocol used for
Active vs. Passive Server Monitoring
Server monitoring [https://logentries.com/product/server-monitoring/] is a
requirement, not a choice. It is used for your entire software stack, web-based
enterprise suites, custom applications, e-commerce sites, local area networks,
etc. Unmonitored servers are lost opportunities for optimization, difficult to
maintain, more unpredictable, and more prone to failure.
While it is very likely that your team has a log management and analysis
12 Days of HaXmas: The Gift of Endpoint Visibility and Log Analytics
Merry HaXmas to you! Each year we mark the 12 Days of HaXmas [/tag/haxmas/] with
12 blog posts on hacking-related topics and roundups from the year. This year,
we're highlighting some of the “gifts” we want to give back to the community.
And while these gifts may not come wrapped with a bow, we hope you enjoy them.
Machine generated log data is probably the simplest and one of the most used
data source for everyday use cases such as troubleshooting, monitoring, security
investigations … the lis
Announcing InsightOps - Pioneering Endpoint Visibility and Log Analytics
Our mission at Rapid7 is to solve complex security and IT challenges with
simple, innovative solutions. Late last year Logentries joined the Rapid7 family
to help to drive this mission. The Logentries technology itself had been
designed to reveal the power of log data to the world and had built a community
of 50,000 users on the foundations of our real time, easy to use yet powerful
log management and analytics engine.
Today we are excited to announce InsightOps, the next generation of Logentri
User Behavior Analytics and Privacy: It's All About Respect
When I speak with prospects and customers about incident detection and response
(IDR) [https://www.rapid7.com/solutions/incident-detection/], I'm almost always
discussing the technical pros and cons. Companies look to Rapid7 to combine
behavior analytics (UBA)
[https://www.rapid7.com/solutions/user-behavior-analytics/] with endpoint
detection and log search to spot malicious behavior in their environment. It's
an effective approach: an analytics engine that triggers based on known attack